izgeri
commented
5 years ago @doodlesbykumbi here is the info on your test environment:
You'll be working in our OC 3.9 cluster (creds in ConjurOps) in the kumbi-secretless-xa namespace. Your Secretless container definition should look like the following:
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: secretless-xa
....
- name: secretless
image: cyberark/secretless-broker:latest
imagePullPolicy: Always
args: ["-f", "/etc/secretless/secretless.yml"]
ports:
- name: pg
containerPort: 5432
env:
- name: CONJUR_ACCOUNT
value: xa
- name: CONJUR_APPLIANCE_URL
value: "https://conjur-follower.xa-secretless.svc.cluster.local/api"
- name: CONJUR_AUTHN_URL
value: "https://conjur-follower.xa-secretless.svc.cluster.local/api/authn-k8s/openshift%2Fsecretless-xa"
- name: CONJUR_AUTHN_LOGIN
value: "host/conjur/authn-k8s/openshift/secretless-xa/apps/kumbi-secretless-xa/service_account/secretless-xa"
- name: MY_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: MY_POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: MY_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: CONJUR_SSL_CERTIFICATE
valueFrom:
configMapKeyRef:
key: ssl-certificate
name: dap-ssl-cert
volumeMounts:
- mountPath: /etc/secretless
name: config
readOnly: true
volumes:
- name: config
configMap:
name: secretless-config
defaultMode: 420
As part of this task, run the performance testing tool (
juxtaposer) a few times to get some additional data. Modify the tool to optionally be able to output raw data to a persistent file if the # rounds is less than 10,000. Run through a few tests with "output raw data" on so that we have raw data and the output of the tool to validate the tool's output for a few runs.Notes: